should login.defs allow explicit specification of secure ttys?

To: debian-security@lists.debian.org
Subject: should login.defs allow explicit specification of secure ttys?
From: Jim Breton <jamesb-debian@alongtheway.com>
Date: Fri, 28 Jul 2000 07:02:04 +0000
Message-id: <[🔎] 20000728070204.I23017@alongtheway.com>

I was just about to send this to bugs with a severity of "wishlist" but
then I figured maybe I'd throw it out here first.

Package: login
Version: 19990827-20
Severity: wishlist

Hello.  I was reading the login.defs man page and noted this:

                   CONSOLE /etc/consoles

              or  a  colon-delimited  list of terminal lines such
              as:

                   CONSOLE console:tty01:tty02:tty03:tty04

              If a pathname is  given,  each  line  of  the  file
              should  specify one terminal line.  If this parame
              ter is not defined or the specified file  does  not
              exist,  then  root  logins will be allowed from any
              terminal line.  Because the removal of  this  file,
              or  its  truncation,  could  result in unauthorized
              root logins, this file must  be  protected.   Where
              security  is  critical,  the  colon-separated  form
              should be used to prevent this potential method  of
              attack.


My first point is that this really isn't correct since we use the
/etc/securetty mechanism via PAM.

Second issue, is that as the note in the man page states, there really
is a (small) security benefit to being able to list the ttys in
login.defs.

Otoh, one could say "someone who could remove or truncate /etc/securetty
could just as easily remove or truncate /etc/login.defs" which is a good
point.

I'd appreciate your view on this.  :)  Thanks.

Reply to:

Prev by Date: recent gpm DoS issue
Next by Date: Re: recent gpm DoS issue
Previous by thread: Re: recent gpm DoS issue
Next by thread: ssh-agent bug?
Index(es):
- Date
- Thread